Online security rests on a few important standards and tools for safe use. If you’ve ever entered sensitive information into an online form, you’ve trusted the most important one of these tools, an X.509 certificate, to protect your information. If you’re curious about the function of an X.509 certificate, here is a brief overview.

What is an X.509 Certificate? – A brief history

The certificate was created in 1988 as part of the X.500 directory that helped early users navigate digital networking directories. Today, X.509 certificates are used to help users identify a secure connection and  X.509 certificates create a key pair in order to bind a specific user to a certificate, ensuring privacy and legitimacy for users within companies or larger organizations. When a certificate creates a pairing, it also verifies the identity of the user it’s linking to. This two-pronged approach ideally works to make connections and sites more secure and less prone to Phishing attacks. However, because of a wave of Phishing attacks and other security compromises in 2011, X.509 certificates can now come with added security features. For instance, an X.509 certificate can be used with secure extensions to prevent Phishing attacks and malware.

What does it include?

An X.509 certificate will always come with the following:

  • A DN, or distinguished name, used to verify the identity of the user.
  • A public key to tie to that user
  • Information about the version of X.509 used by the certificate
  • A serial number
  • An issuer DN linking to the original purchaser of the certificate
  • A digital signature
  • Details about the certificate’s algorithm
  • Optional extensions for enhanced security

What are the different applications of an X.509 certificate?

When you visit a specific web page, your browser will alert you to the security of that page in a few different ways. Many browsers will indicate safety with green text or a green bar, alongside the word ‘secure’ with a lock signature. When your browser gives you this information, it’s reading the X.509 certificate of a page and verifying the safety of the page through TLS/SSL certificates. An SSL, or “Secure Sockets Layer,” is a type of technology that protects personal data from getting stolen from an entry form or web page. TLS, or “Transport Layer Security,” is an updated version of SSL. TLS/SSL certificates are made possible by a pre-existing X.509 certificate that safeguards the site itself. When you see the letters ‘HTTPS’ at the start of a link, that’s an indication to users that the site utilizes a TLS/SSL certificate and is protected by an X.509 certificate. For this reason, most websites find that it’s in their best interest to purchase a certificate to protect sensitive customer input, like credit card info. X.509 certificates can also be used to create digital signatures that verify the identity of specific users and certificate authorities online.

Where do I get one?

X.509 certificates can be purchased at: